From 6bedf31e5275c2f2a33051a547aa1dc722aafa97 Mon Sep 17 00:00:00 2001
From: "Karl O. Pinc" <kop@meme.com>
Date: Tue, 12 Aug 2014 23:05:35 -0500
Subject: Docs: Add resource tree into security overview.

---
 docs/narr/security.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs/narr')

diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 29c62d9f3..e6bbff44e 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -20,6 +20,12 @@ allowed.  Here's how it works at a high level:
 
 - A :term:`request` is generated when a user visits the application.
 
+- If an :term:`authorization policy` is in effect the application uses
+  the request and it's :term:`root factory` to create a :ref:`resource tree
+  <the_resource_tree>` of :term:`contexts <context>`.  The resource
+  tree maps contexts to URLs and within the contexts the application
+  puts declarations which authorize access.
+
 - Based on the request, a :term:`context` resource is located through
   :term:`resource location`.  A context is located differently depending on
   whether the application uses :term:`traversal` or :term:`URL dispatch`, but
-- 
cgit v1.2.3